Apple Releases Security Updates for iOS 12

In addition to multiple other security updates Apple released recently, they also released security updates for iOS 12. As these updates are security updates, it is important to apply them to all devices that are affected.

You can view Apple’s product security page for more information from this link.

 

iOS 12

A local app may be able to read a persistent account identifier.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: This issue was addressed with improved entitlements
  • CVE-2018-4322

 

An attacker in a privileged network position may be able to intercept Bluetooth traffic.
  • Updates available for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation
  • Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
  • CVE-2018-5383

 

An application may be able to execute arbitrary code with system privileges.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A memory corruption issue was addressed with improved memory handling
  • CVE-2018-4330

 

An app may be able to learn information about the current camera view before being granted camera access.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A permissions issue existed. This issue was addressed with improved permission validation
  • CVE-2018-4356

 

An application may be able to read restricted memory.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A validation issue was addressed with improved input sanitization
  • CVE-2018-4335

 

An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: An input validation issue was addressed with improved input validation
  • CVE-2018-4305

 

An application may be able to read restricted memory.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: An input validation issue existed in the kernel. This issue was addressed with improved input validation.
  • CVE-2018-4363

 

A local user may be able to discover a user’s deleted messages.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions
  • CVE-2018-4313

 

A local user may be able to discover a user’s deleted notes.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of application snapshots
  • CVE-2018-4313

 

A user may be unable to delete browsing history items.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion
  • CVE-2018-4329

 

A malicious website may be able to exfiltrate auto-filled data in Safari.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A logic issue was addressed with improved state management
  • CVE-2018-4307

 

Visiting a malicious website may lead to address bar spoofing.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: An inconsistent user interface issue was addressed with improved state management
  • CVE-2018-4362

 

An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: This issue was addressed by removing RC4
  • CVE-2016-1777

 

A person with physical access to an iOS device may be able to determine the last used app from the lock screen.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A logic issue was addressed with improved restrictions
  • CVE-2018-4325

 

An application may be able to read restricted memory.
  • Updates available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  • Description: A validation issue was addressed with improved input sanitization
  • CVE-2018-4338

 

 

If you found this post helpful, share it to your friends!

About the author

PC Rookies is a one-man-project to offer basic information about computers. The writer is studying computer sciences and a computer hobbyist.

Leave A Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.